The new UPN for the user, which will also become the users
common name.

<preferredDomainController>

Yes

<plans><plan type="ExchMailbox"
name="BaseMail">

No

Collection of plans to apply to the user. Note that only a
single ExchMailbox plan is supported at this time, but this syntax
allows for easier extension in the future.

<customerTypeName>

No

The Plans Database customer type. Valid values are:

BusinessUser (default)

ConsumerUser

<policyName>

No

Determines the security policy to apply to the object. If not
supplied the procedure determines the user's root org type and
applies it. Valid values are:

Hosting

Reseller

Customer (default)

Default - not recommended because this creates a user with no
security setting beyond those inherited by parent. Generally the
supplied value should be reseller or customer. Hosting is used for
the Hosting container (e.g. LDAP://OU=Hosting,DC=fabrikam,DC=Com)
and default is used for users in child containers (such as
departments), which simply inherit security policy from
parent.

<sAMAccountName>

Yes

If not provided, the procedure will use the existing users
sAMAccountName.

Preferred DC Active Directory Provider::Get Properties - checks
for an existing mailbox to determine if a mailbox should be created
or simply imported.

MPS Import::CreateMailbox (conditional) - If user does not have
an existing mailbox.

MPS Import::ApplyMailboxPlan (conditional) - If user has an
existing mailbox.

MPS Import::AllocateExistingMailbox (conditional) - If user has
an existing mailbox.

sAMAccountName behavior

When creating a user, it is necessary to also ensure that the
new user's sAMAccountName is unique within the domain. If it is
not, creation will fail. The procedure will attempt to create the
object with the provided sAMAccountName. If this value is not
unique in the domain, then the following auto account name
generation applies:

Also, interactions with Exchange make it undesirable for the '@'
character to appear in a sAMAccountName. Therefore, when creating
or renaming a user or group, the sAMAccountName will be similar to
the input name (or Universal principal name), except that illegal
sAMAccountName characters are removed, and '@' characters are
replaced with '_'. If the sAMAccountName collides with an existing
sAMAccountName, then a random string of digits will be appended to
the sAMAccountName to ensure uniqueness.

The algorithm for generating a sAMAccountName from the seed name
(Universal Principal Name for a user, or cn if the object is a
group), is as follows: type="ORDERED"

Remove all of the following illegal characters from the seed
name: "/\[]:|<>+=;?,*

Trim the seed name to a maximum of 20 characters

If the last character is a '.', replace it with '_'

Attempt to create the object with the trial sAMAccountName

If there is a sAMAccountName collision in step 4, generate 3
trial names by limiting the seed name to 17 characters, then
appending a random 3-digit number to each. Generate 2 additional
trial names by limiting the seed name to 15 characters, then
appending a 5-digit random number to each. Attempt to create the
object using each of these 5 trial names in turn.

<proxyAddresses>: Additional proxy addresses for the
user. Ignored if planName not provided.

Note

The procedure will accept additional proxyAddress. However, the
called Hosted Exchange::CreateMailbox procedure, which is executed
when a plan is specified, adds a primary SMTP address based on the
user's UPN prefix and the org's SMTP Domain (e.g.
user@alpineskihouse.com).

<alias>: The procedure will accept this as an optional
parameter. Other wise an alias will be generated from the UPN
prefix (e.g. user from user@alpineskihouse.com)

<properties>/<property>: One or more Active
Directory attributes that are valid for an object of the user
class.